wolf SSL / wolfSSL

wolfSSL SSL/TLS library, support up to TLS1.3

Dependents:   CyaSSL-Twitter-OAuth4Tw Example-client-tls-cert TwitterReader TweetTest ... more

wolfcrypt/src/wolfmath.c@13:f67a6c6013ca, 2017-08-22 (annotated)

Committer:
wolfSSL
Date:
Tue Aug 22 10:48:22 2017 +0000
Revision:
13:f67a6c6013ca
wolfSSL3.12.0 with TLS1.3

Who changed what in which revision?

UserRevisionLine numberNew contents of line
wolfSSL 13:f67a6c6013ca 1 /* wolfmath.c
wolfSSL 13:f67a6c6013ca 2 *
wolfSSL 13:f67a6c6013ca 3 * Copyright (C) 2006-2016 wolfSSL Inc.
wolfSSL 13:f67a6c6013ca 4 *
wolfSSL 13:f67a6c6013ca 5 * This file is part of wolfSSL.
wolfSSL 13:f67a6c6013ca 6 *
wolfSSL 13:f67a6c6013ca 7 * wolfSSL is free software; you can redistribute it and/or modify
wolfSSL 13:f67a6c6013ca 8 * it under the terms of the GNU General Public License as published by
wolfSSL 13:f67a6c6013ca 9 * the Free Software Foundation; either version 2 of the License, or
wolfSSL 13:f67a6c6013ca 10 * (at your option) any later version.
wolfSSL 13:f67a6c6013ca 11 *
wolfSSL 13:f67a6c6013ca 12 * wolfSSL is distributed in the hope that it will be useful,
wolfSSL 13:f67a6c6013ca 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
wolfSSL 13:f67a6c6013ca 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
wolfSSL 13:f67a6c6013ca 15 * GNU General Public License for more details.
wolfSSL 13:f67a6c6013ca 16 *
wolfSSL 13:f67a6c6013ca 17 * You should have received a copy of the GNU General Public License
wolfSSL 13:f67a6c6013ca 18 * along with this program; if not, write to the Free Software
wolfSSL 13:f67a6c6013ca 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
wolfSSL 13:f67a6c6013ca 20 */
wolfSSL 13:f67a6c6013ca 21
wolfSSL 13:f67a6c6013ca 22
wolfSSL 13:f67a6c6013ca 23 /* common functions for either math library */
wolfSSL 13:f67a6c6013ca 24
wolfSSL 13:f67a6c6013ca 25 #ifdef HAVE_CONFIG_H
wolfSSL 13:f67a6c6013ca 26 #include <config.h>
wolfSSL 13:f67a6c6013ca 27 #endif
wolfSSL 13:f67a6c6013ca 28
wolfSSL 13:f67a6c6013ca 29 /* in case user set USE_FAST_MATH there */
wolfSSL 13:f67a6c6013ca 30 #include <wolfssl/wolfcrypt/settings.h>
wolfSSL 13:f67a6c6013ca 31
wolfSSL 13:f67a6c6013ca 32 #ifdef USE_FAST_MATH
wolfSSL 13:f67a6c6013ca 33 #include <wolfssl/wolfcrypt/tfm.h>
wolfSSL 13:f67a6c6013ca 34 #else
wolfSSL 13:f67a6c6013ca 35 #include <wolfssl/wolfcrypt/integer.h>
wolfSSL 13:f67a6c6013ca 36 #endif
wolfSSL 13:f67a6c6013ca 37
wolfSSL 13:f67a6c6013ca 38 #include <wolfssl/wolfcrypt/error-crypt.h>
wolfSSL 13:f67a6c6013ca 39 #include <wolfssl/wolfcrypt/logging.h>
wolfSSL 13:f67a6c6013ca 40
wolfSSL 13:f67a6c6013ca 41 #if defined(USE_FAST_MATH) || !defined(NO_BIG_INT)
wolfSSL 13:f67a6c6013ca 42
wolfSSL 13:f67a6c6013ca 43 #ifdef WOLFSSL_ASYNC_CRYPT
wolfSSL 13:f67a6c6013ca 44 #include <wolfssl/wolfcrypt/async.h>
wolfSSL 13:f67a6c6013ca 45 #endif
wolfSSL 13:f67a6c6013ca 46
wolfSSL 13:f67a6c6013ca 47 #ifdef NO_INLINE
wolfSSL 13:f67a6c6013ca 48 #include <wolfssl/wolfcrypt/misc.h>
wolfSSL 13:f67a6c6013ca 49 #else
wolfSSL 13:f67a6c6013ca 50 #define WOLFSSL_MISC_INCLUDED
wolfSSL 13:f67a6c6013ca 51 #include <wolfcrypt/src/misc.c>
wolfSSL 13:f67a6c6013ca 52 #endif
wolfSSL 13:f67a6c6013ca 53
wolfSSL 13:f67a6c6013ca 54
wolfSSL 13:f67a6c6013ca 55 #if !defined(WC_NO_CACHE_RESISTANT) && \
wolfSSL 13:f67a6c6013ca 56 ((defined(HAVE_ECC) && defined(ECC_TIMING_RESISTANT)) || \
wolfSSL 13:f67a6c6013ca 57 (defined(USE_FAST_MATH) && defined(TFM_TIMING_RESISTANT)))
wolfSSL 13:f67a6c6013ca 58
wolfSSL 13:f67a6c6013ca 59 /* all off / all on pointer addresses for constant calculations */
wolfSSL 13:f67a6c6013ca 60 /* ecc.c uses same table */
wolfSSL 13:f67a6c6013ca 61 const wolfssl_word wc_off_on_addr[2] =
wolfSSL 13:f67a6c6013ca 62 {
wolfSSL 13:f67a6c6013ca 63 #if defined(WC_64BIT_CPU)
wolfSSL 13:f67a6c6013ca 64 W64LIT(0x0000000000000000),
wolfSSL 13:f67a6c6013ca 65 W64LIT(0xffffffffffffffff)
wolfSSL 13:f67a6c6013ca 66 #elif defined(WC_16BIT_CPU)
wolfSSL 13:f67a6c6013ca 67 0x0000U,
wolfSSL 13:f67a6c6013ca 68 0xffffU
wolfSSL 13:f67a6c6013ca 69 #else
wolfSSL 13:f67a6c6013ca 70 /* 32 bit */
wolfSSL 13:f67a6c6013ca 71 0x00000000U,
wolfSSL 13:f67a6c6013ca 72 0xffffffffU
wolfSSL 13:f67a6c6013ca 73 #endif
wolfSSL 13:f67a6c6013ca 74 };
wolfSSL 13:f67a6c6013ca 75 #endif
wolfSSL 13:f67a6c6013ca 76
wolfSSL 13:f67a6c6013ca 77
wolfSSL 13:f67a6c6013ca 78 int get_digit_count(mp_int* a)
wolfSSL 13:f67a6c6013ca 79 {
wolfSSL 13:f67a6c6013ca 80 if (a == NULL)
wolfSSL 13:f67a6c6013ca 81 return 0;
wolfSSL 13:f67a6c6013ca 82
wolfSSL 13:f67a6c6013ca 83 return a->used;
wolfSSL 13:f67a6c6013ca 84 }
wolfSSL 13:f67a6c6013ca 85
wolfSSL 13:f67a6c6013ca 86 mp_digit get_digit(mp_int* a, int n)
wolfSSL 13:f67a6c6013ca 87 {
wolfSSL 13:f67a6c6013ca 88 if (a == NULL)
wolfSSL 13:f67a6c6013ca 89 return 0;
wolfSSL 13:f67a6c6013ca 90
wolfSSL 13:f67a6c6013ca 91 return (n >= a->used || n < 0) ? 0 : a->dp[n];
wolfSSL 13:f67a6c6013ca 92 }
wolfSSL 13:f67a6c6013ca 93
wolfSSL 13:f67a6c6013ca 94 int get_rand_digit(WC_RNG* rng, mp_digit* d)
wolfSSL 13:f67a6c6013ca 95 {
wolfSSL 13:f67a6c6013ca 96 return wc_RNG_GenerateBlock(rng, (byte*)d, sizeof(mp_digit));
wolfSSL 13:f67a6c6013ca 97 }
wolfSSL 13:f67a6c6013ca 98
wolfSSL 13:f67a6c6013ca 99 #ifdef WC_RSA_BLINDING
wolfSSL 13:f67a6c6013ca 100 int mp_rand(mp_int* a, int digits, WC_RNG* rng)
wolfSSL 13:f67a6c6013ca 101 {
wolfSSL 13:f67a6c6013ca 102 int ret;
wolfSSL 13:f67a6c6013ca 103 mp_digit d;
wolfSSL 13:f67a6c6013ca 104
wolfSSL 13:f67a6c6013ca 105 if (rng == NULL)
wolfSSL 13:f67a6c6013ca 106 return MISSING_RNG_E;
wolfSSL 13:f67a6c6013ca 107
wolfSSL 13:f67a6c6013ca 108 if (a == NULL)
wolfSSL 13:f67a6c6013ca 109 return BAD_FUNC_ARG;
wolfSSL 13:f67a6c6013ca 110
wolfSSL 13:f67a6c6013ca 111 mp_zero(a);
wolfSSL 13:f67a6c6013ca 112 if (digits <= 0) {
wolfSSL 13:f67a6c6013ca 113 return MP_OKAY;
wolfSSL 13:f67a6c6013ca 114 }
wolfSSL 13:f67a6c6013ca 115
wolfSSL 13:f67a6c6013ca 116 /* first place a random non-zero digit */
wolfSSL 13:f67a6c6013ca 117 do {
wolfSSL 13:f67a6c6013ca 118 ret = get_rand_digit(rng, &d);
wolfSSL 13:f67a6c6013ca 119 if (ret != 0) {
wolfSSL 13:f67a6c6013ca 120 return ret;
wolfSSL 13:f67a6c6013ca 121 }
wolfSSL 13:f67a6c6013ca 122 } while (d == 0);
wolfSSL 13:f67a6c6013ca 123
wolfSSL 13:f67a6c6013ca 124 if ((ret = mp_add_d(a, d, a)) != MP_OKAY) {
wolfSSL 13:f67a6c6013ca 125 return ret;
wolfSSL 13:f67a6c6013ca 126 }
wolfSSL 13:f67a6c6013ca 127
wolfSSL 13:f67a6c6013ca 128 while (--digits > 0) {
wolfSSL 13:f67a6c6013ca 129 if ((ret = mp_lshd(a, 1)) != MP_OKAY) {
wolfSSL 13:f67a6c6013ca 130 return ret;
wolfSSL 13:f67a6c6013ca 131 }
wolfSSL 13:f67a6c6013ca 132 if ((ret = get_rand_digit(rng, &d)) != 0) {
wolfSSL 13:f67a6c6013ca 133 return ret;
wolfSSL 13:f67a6c6013ca 134 }
wolfSSL 13:f67a6c6013ca 135 if ((ret = mp_add_d(a, d, a)) != MP_OKAY) {
wolfSSL 13:f67a6c6013ca 136 return ret;
wolfSSL 13:f67a6c6013ca 137 }
wolfSSL 13:f67a6c6013ca 138 }
wolfSSL 13:f67a6c6013ca 139
wolfSSL 13:f67a6c6013ca 140 return ret;
wolfSSL 13:f67a6c6013ca 141 }
wolfSSL 13:f67a6c6013ca 142 #endif /* WC_RSA_BLINDING */
wolfSSL 13:f67a6c6013ca 143
wolfSSL 13:f67a6c6013ca 144
wolfSSL 13:f67a6c6013ca 145 #ifdef HAVE_WOLF_BIGINT
wolfSSL 13:f67a6c6013ca 146 void wc_bigint_init(WC_BIGINT* a)
wolfSSL 13:f67a6c6013ca 147 {
wolfSSL 13:f67a6c6013ca 148 if (a != NULL) {
wolfSSL 13:f67a6c6013ca 149 a->buf = NULL;
wolfSSL 13:f67a6c6013ca 150 a->len = 0;
wolfSSL 13:f67a6c6013ca 151 a->heap = NULL;
wolfSSL 13:f67a6c6013ca 152 }
wolfSSL 13:f67a6c6013ca 153 }
wolfSSL 13:f67a6c6013ca 154
wolfSSL 13:f67a6c6013ca 155 int wc_bigint_alloc(WC_BIGINT* a, word32 sz)
wolfSSL 13:f67a6c6013ca 156 {
wolfSSL 13:f67a6c6013ca 157 int err = MP_OKAY;
wolfSSL 13:f67a6c6013ca 158
wolfSSL 13:f67a6c6013ca 159 if (a == NULL)
wolfSSL 13:f67a6c6013ca 160 return BAD_FUNC_ARG;
wolfSSL 13:f67a6c6013ca 161
wolfSSL 13:f67a6c6013ca 162 if (sz > 0) {
wolfSSL 13:f67a6c6013ca 163 if (a->buf && sz > a->len) {
wolfSSL 13:f67a6c6013ca 164 wc_bigint_free(a);
wolfSSL 13:f67a6c6013ca 165 }
wolfSSL 13:f67a6c6013ca 166 if (a->buf == NULL) {
wolfSSL 13:f67a6c6013ca 167 a->buf = (byte*)XMALLOC(sz, a->heap, DYNAMIC_TYPE_WOLF_BIGINT);
wolfSSL 13:f67a6c6013ca 168 }
wolfSSL 13:f67a6c6013ca 169 if (a->buf == NULL) {
wolfSSL 13:f67a6c6013ca 170 err = MP_MEM;
wolfSSL 13:f67a6c6013ca 171 }
wolfSSL 13:f67a6c6013ca 172 else {
wolfSSL 13:f67a6c6013ca 173 XMEMSET(a->buf, 0, sz);
wolfSSL 13:f67a6c6013ca 174 }
wolfSSL 13:f67a6c6013ca 175 }
wolfSSL 13:f67a6c6013ca 176 a->len = sz;
wolfSSL 13:f67a6c6013ca 177
wolfSSL 13:f67a6c6013ca 178 return err;
wolfSSL 13:f67a6c6013ca 179 }
wolfSSL 13:f67a6c6013ca 180
wolfSSL 13:f67a6c6013ca 181 /* assumes input is big endian format */
wolfSSL 13:f67a6c6013ca 182 int wc_bigint_from_unsigned_bin(WC_BIGINT* a, const byte* in, word32 inlen)
wolfSSL 13:f67a6c6013ca 183 {
wolfSSL 13:f67a6c6013ca 184 int err;
wolfSSL 13:f67a6c6013ca 185
wolfSSL 13:f67a6c6013ca 186 if (a == NULL || in == NULL || inlen == 0)
wolfSSL 13:f67a6c6013ca 187 return BAD_FUNC_ARG;
wolfSSL 13:f67a6c6013ca 188
wolfSSL 13:f67a6c6013ca 189 err = wc_bigint_alloc(a, inlen);
wolfSSL 13:f67a6c6013ca 190 if (err == 0) {
wolfSSL 13:f67a6c6013ca 191 XMEMCPY(a->buf, in, inlen);
wolfSSL 13:f67a6c6013ca 192 }
wolfSSL 13:f67a6c6013ca 193
wolfSSL 13:f67a6c6013ca 194 return err;
wolfSSL 13:f67a6c6013ca 195 }
wolfSSL 13:f67a6c6013ca 196
wolfSSL 13:f67a6c6013ca 197 int wc_bigint_to_unsigned_bin(WC_BIGINT* a, byte* out, word32* outlen)
wolfSSL 13:f67a6c6013ca 198 {
wolfSSL 13:f67a6c6013ca 199 word32 sz;
wolfSSL 13:f67a6c6013ca 200
wolfSSL 13:f67a6c6013ca 201 if (a == NULL || out == NULL || outlen == NULL || *outlen == 0)
wolfSSL 13:f67a6c6013ca 202 return BAD_FUNC_ARG;
wolfSSL 13:f67a6c6013ca 203
wolfSSL 13:f67a6c6013ca 204 /* trim to fit into output buffer */
wolfSSL 13:f67a6c6013ca 205 sz = a->len;
wolfSSL 13:f67a6c6013ca 206 if (a->len > *outlen) {
wolfSSL 13:f67a6c6013ca 207 WOLFSSL_MSG("wc_bigint_export: Truncating output");
wolfSSL 13:f67a6c6013ca 208 sz = *outlen;
wolfSSL 13:f67a6c6013ca 209 }
wolfSSL 13:f67a6c6013ca 210
wolfSSL 13:f67a6c6013ca 211 if (a->buf) {
wolfSSL 13:f67a6c6013ca 212 XMEMCPY(out, a->buf, sz);
wolfSSL 13:f67a6c6013ca 213 }
wolfSSL 13:f67a6c6013ca 214
wolfSSL 13:f67a6c6013ca 215 *outlen = sz;
wolfSSL 13:f67a6c6013ca 216
wolfSSL 13:f67a6c6013ca 217 return MP_OKAY;
wolfSSL 13:f67a6c6013ca 218 }
wolfSSL 13:f67a6c6013ca 219
wolfSSL 13:f67a6c6013ca 220 void wc_bigint_zero(WC_BIGINT* a)
wolfSSL 13:f67a6c6013ca 221 {
wolfSSL 13:f67a6c6013ca 222 if (a && a->buf) {
wolfSSL 13:f67a6c6013ca 223 ForceZero(a->buf, a->len);
wolfSSL 13:f67a6c6013ca 224 }
wolfSSL 13:f67a6c6013ca 225 }
wolfSSL 13:f67a6c6013ca 226
wolfSSL 13:f67a6c6013ca 227 void wc_bigint_free(WC_BIGINT* a)
wolfSSL 13:f67a6c6013ca 228 {
wolfSSL 13:f67a6c6013ca 229 if (a) {
wolfSSL 13:f67a6c6013ca 230 if (a->buf) {
wolfSSL 13:f67a6c6013ca 231 XFREE(a->buf, a->heap, DYNAMIC_TYPE_WOLF_BIGINT);
wolfSSL 13:f67a6c6013ca 232 }
wolfSSL 13:f67a6c6013ca 233 a->buf = NULL;
wolfSSL 13:f67a6c6013ca 234 a->len = 0;
wolfSSL 13:f67a6c6013ca 235 }
wolfSSL 13:f67a6c6013ca 236 }
wolfSSL 13:f67a6c6013ca 237
wolfSSL 13:f67a6c6013ca 238 int wc_mp_to_bigint(mp_int* src, WC_BIGINT* dst)
wolfSSL 13:f67a6c6013ca 239 {
wolfSSL 13:f67a6c6013ca 240 int err;
wolfSSL 13:f67a6c6013ca 241 word32 sz;
wolfSSL 13:f67a6c6013ca 242
wolfSSL 13:f67a6c6013ca 243 if (src == NULL || dst == NULL)
wolfSSL 13:f67a6c6013ca 244 return BAD_FUNC_ARG;
wolfSSL 13:f67a6c6013ca 245
wolfSSL 13:f67a6c6013ca 246 sz = mp_unsigned_bin_size(src);
wolfSSL 13:f67a6c6013ca 247 err = wc_bigint_alloc(dst, sz);
wolfSSL 13:f67a6c6013ca 248 if (err == MP_OKAY)
wolfSSL 13:f67a6c6013ca 249 err = mp_to_unsigned_bin(src, dst->buf);
wolfSSL 13:f67a6c6013ca 250
wolfSSL 13:f67a6c6013ca 251 return err;
wolfSSL 13:f67a6c6013ca 252 }
wolfSSL 13:f67a6c6013ca 253
wolfSSL 13:f67a6c6013ca 254 int wc_bigint_to_mp(WC_BIGINT* src, mp_int* dst)
wolfSSL 13:f67a6c6013ca 255 {
wolfSSL 13:f67a6c6013ca 256 int err;
wolfSSL 13:f67a6c6013ca 257
wolfSSL 13:f67a6c6013ca 258 if (src == NULL || dst == NULL)
wolfSSL 13:f67a6c6013ca 259 return BAD_FUNC_ARG;
wolfSSL 13:f67a6c6013ca 260
wolfSSL 13:f67a6c6013ca 261 if (src->buf == NULL)
wolfSSL 13:f67a6c6013ca 262 return BAD_FUNC_ARG;
wolfSSL 13:f67a6c6013ca 263
wolfSSL 13:f67a6c6013ca 264 err = mp_read_unsigned_bin(dst, src->buf, src->len);
wolfSSL 13:f67a6c6013ca 265 wc_bigint_free(src);
wolfSSL 13:f67a6c6013ca 266
wolfSSL 13:f67a6c6013ca 267 return err;
wolfSSL 13:f67a6c6013ca 268 }
wolfSSL 13:f67a6c6013ca 269
wolfSSL 13:f67a6c6013ca 270 #endif /* HAVE_WOLF_BIGINT */
wolfSSL 13:f67a6c6013ca 271
wolfSSL 13:f67a6c6013ca 272 #endif /* USE_FAST_MATH || !NO_BIG_INT */
wolfSSL 13:f67a6c6013ca 273